Title :
Sentinel: Hardware-Accelerated Mitigation of Bot-Based DDoS Attacks
Author :
Djalaliev, Peter ; Jamshed, Muhammad ; Farnan, Nicholas ; Brustoloni, José
Author_Institution :
Dept. of Comput. Sci., Pittsburgh Univ., Pittsburgh, PA
Abstract :
Effective defenses against DDoS attacks that deplete resources at the network and transport layers have been deployed commercially. Therefore, DDoS attacks increasingly use normal- looking application-layer requests to waste server CPU or disk capacity. CAPTCHAs attempt to distinguish bots from human clients and are often used to avoid such attacks. However, CAPTCHAs themselves consume resources and frequently are defeated. Kill-Bots reduces CAPTCHA overhead by pushing client authentication into the kernel. However, Kill-Bots requires kernel modifications, which can be infeasible. We describe the design, implementation, and performance evaluation of Sentinel, a network device that overcomes several limitations in Kill-Bots. Sentinel can be easily deployed as a bridge in front of server farms, modularly accepts a variety of present and future authentication schemes, and can use network processors to accelerate authentication. Experiments show that Sentinel greatly reduces the impact of DDoS attacks on the response time experienced by legitimate clients.
Keywords :
Internet; security of data; Bot-based DDoS attacks; Kill-Bots; hardware-accelerated mitigation; network processors; Acceleration; Authentication; Bridges; Central Processing Unit; Computer crime; Kernel; Network servers; Operating systems; Telecommunication traffic; Web server;
Conference_Titel :
Computer Communications and Networks, 2008. ICCCN '08. Proceedings of 17th International Conference on
Conference_Location :
St. Thomas, US Virgin Islands
Print_ISBN :
978-1-4244-2389-7
Electronic_ISBN :
1095-2055
DOI :
10.1109/ICCCN.2008.ECP.123
